| Index: trunk/extensions/Validator/Validator_Manager.php |
| — | — | @@ -67,7 +67,7 @@ |
| 68 | 68 | $errors = array(); |
| 69 | 69 | |
| 70 | 70 | foreach ( $this->errors as $error ) { |
| 71 | | - $error['name'] = '<b>' . $error['name'] . '</b>'; |
| | 71 | + $error['name'] = '<b>' . Sanitizer::escapeId($error['name']) . '</b>'; |
| 72 | 72 | |
| 73 | 73 | if ($error['type'] == 'unknown') { |
| 74 | 74 | $errors[] = wfMsgExt( 'validator_error_unknown_argument', array( 'parsemag' ), $error['name'] ); |
| — | — | @@ -96,11 +96,13 @@ |
| 97 | 97 | case 'invalid' : default : |
| 98 | 98 | $msg = wfMsgExt( 'validator_list_error_invalid_argument', array( 'parsemag' ), $error['name'] ); |
| 99 | 99 | break; |
| 100 | | - } |
| | 100 | + } |
| 101 | 101 | |
| 102 | 102 | if (array_key_exists('invalid-items', $error)) { |
| 103 | | - $msg .= wfMsgExt( 'validator_list_omitted', array( 'parsemag' ), |
| 104 | | - $wgLang->listToText($error['invalid-items']), count($error['invalid-items']) ); |
| | 103 | + $omitted = array(); |
| | 104 | + foreach($error['invalid-items'] as $item) $omitted[] = Sanitizer::escapeId($item); |
| | 105 | + $msg .= ' ' . wfMsgExt( 'validator_list_omitted', array( 'parsemag' ), |
| | 106 | + $wgLang->listToText($omitted), count($omitted) ); |
| 105 | 107 | } |
| 106 | 108 | |
| 107 | 109 | $errors[] = $msg; |
| — | — | @@ -124,7 +126,7 @@ |
| 125 | 127 | $errors[] = wfMsgExt( 'validator_error_accepts_only', array( 'parsemag' ), $error['name'], $itemsText, count( $error['args'] ) ); |
| 126 | 128 | break; |
| 127 | 129 | case 'invalid' : default : |
| 128 | | - $errors[] = wfMsgExt( 'validator_error_invalid_argument', array( 'parsemag' ), '<b>' . $error['value'] . '</b>', $error['name'] ); |
| | 130 | + $errors[] = wfMsgExt( 'validator_error_invalid_argument', array( 'parsemag' ), '<b>' . Sanitizer::escapeId( $error['value'] ) . '</b>', $error['name'] ); |
| 129 | 131 | break; |
| 130 | 132 | } |
| 131 | 133 | } |